Our next meeting will be held on Monday, December 17 from 6 PM to 8 PM. We are currently looking for one speaker to present at the meeting. If you are interested in presenting, please email [http://scr.im/mascasa Justin Morehouse]. Please check this page often for the latest presentation updates.

+

Our next meeting will be held on Monday, December 17 from 6 PM to 8 PM. There will be two presentations at this meeting. First, Bryan Orme, VP of Information Assurance at GuidePoint Security will be presenting "How to Hack Web Applications for Profit (And How to Prevent Yours From Being Hacked)." We are currently looking for one additional speaker to present at the meeting. If you are interested in presenting, please email [http://scr.im/mascasa Justin Morehouse]. Presentation abstract and speaker bios are below.

The following is an agenda for our next meeting:

The following is an agenda for our next meeting:

Line 29:

Line 29:

Please RSVP to [http://scr.im/mascasa Justin Morehouse] BEFORE 12/14 to be added to the security list.

Please RSVP to [http://scr.im/mascasa Justin Morehouse] BEFORE 12/14 to be added to the security list.

+

+

'''How to Hack Web Applications for Profit (And How to Prevent Yours From Being Hacked)'''

+

+

''Abstract''

+

+

The constant barrage of breaches that we’ve seen over the past several years have made two things very clear—every organization is at risk and every web application is a target. As a security professional, it does not matter whether breaches are brought about by hacktivists such as LulzSec or Anonymous, the acts of criminally minded hackers or nation state sponsored attacks, the consequences of vulnerable web applications can wreak havoc on your company. Attackers are determined, inventive and patient, while your organization’s application portfolio is dynamic, vulnerable and always connected to the Internet. This presentation will discuss why web applications are vulnerable, why they’re under attack, and provide an overview of the most common vulnerabilities found in web applications. Attendees will leave with an understanding of how web applications are attacked, the most common vulnerabilities found in web applications, and how to prevent these vulnerabilities from being identified and exploited in your web applications.

+

+

''Speaker Bio''

+

+

Bryan Orme, Vice President, Information Assurance – Bryan has over 12 years of working experience in the information security field, primarily focusing on Security Program Strategy, PCI DSS, Application Security, Vendor Management, and Project Consulting. Before joining GuidePoint, Bryan was the Director of Information Security for Capital One where he built and led the Application Security and PCI DSS Programs and was a member of the Scoping and Encryption Special Interest Groups of the PCI Security Standards Council. He earned a BS from James Madison University and a MBA from the Robert H. Smith School of Business at the University of Maryland and holds QSA, CISSP and CISM certifications.

== Meeting Location ==

== Meeting Location ==

Revision as of 11:23, 27 November 2012

Welcome to the OWASP Tampa Local Chapter

funds to OWASP earmarked for Tampa.

Anyone in our area interested in information security is welcome to attend. Our meetings are informal and encourage open discussion of all aspects of application security. We invite attendees to give short presentations about specific topics.

A reminder that CISSPs can earn 1 CPE credit for every hour of attendance at OWASP meetings.

Next Meeting

Our next meeting will be held on Monday, December 17 from 6 PM to 8 PM. There will be two presentations at this meeting. First, Bryan Orme, VP of Information Assurance at GuidePoint Security will be presenting "How to Hack Web Applications for Profit (And How to Prevent Yours From Being Hacked)." We are currently looking for one additional speaker to present at the meeting. If you are interested in presenting, please email Justin Morehouse. Presentation abstract and speaker bios are below.

How to Hack Web Applications for Profit (And How to Prevent Yours From Being Hacked)

Abstract

The constant barrage of breaches that we’ve seen over the past several years have made two things very clear—every organization is at risk and every web application is a target. As a security professional, it does not matter whether breaches are brought about by hacktivists such as LulzSec or Anonymous, the acts of criminally minded hackers or nation state sponsored attacks, the consequences of vulnerable web applications can wreak havoc on your company. Attackers are determined, inventive and patient, while your organization’s application portfolio is dynamic, vulnerable and always connected to the Internet. This presentation will discuss why web applications are vulnerable, why they’re under attack, and provide an overview of the most common vulnerabilities found in web applications. Attendees will leave with an understanding of how web applications are attacked, the most common vulnerabilities found in web applications, and how to prevent these vulnerabilities from being identified and exploited in your web applications.

Speaker Bio

Bryan Orme, Vice President, Information Assurance – Bryan has over 12 years of working experience in the information security field, primarily focusing on Security Program Strategy, PCI DSS, Application Security, Vendor Management, and Project Consulting. Before joining GuidePoint, Bryan was the Director of Information Security for Capital One where he built and led the Application Security and PCI DSS Programs and was a member of the Scoping and Encryption Special Interest Groups of the PCI Security Standards Council. He earned a BS from James Madison University and a MBA from the Robert H. Smith School of Business at the University of Maryland and holds QSA, CISSP and CISM certifications.

Meeting Location

Our next meeting will be held in Q3, most likely in Septemeber, at the Kforce building in Ybor. The address is: